diff --git a/README.md b/README.md index 5a822258a3c..dc9ec0b5ebe 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ This driver allows Kubernetes to access [SMB](https://wiki.wireshark.org/SMB) se |Driver Version | supported k8s version | supported [Windows csi-proxy](https://github.com/kubernetes-csi/csi-proxy) version | |---------------|-----------------------|-------------------------------------| |master branch | 1.21+ | v0.2.2+ | +|v1.15.0 | 1.21+ | v0.2.2+ | |v1.14.0 | 1.21+ | v0.2.2+ | |v1.13.0 | 1.21+ | v0.2.2+ | diff --git a/charts/README.md b/charts/README.md index 9f541b6b1ee..0d042ef21f5 100644 --- a/charts/README.md +++ b/charts/README.md @@ -15,7 +15,7 @@ ```console helm repo add csi-driver-smb https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts -helm install csi-driver-smb csi-driver-smb/csi-driver-smb --namespace kube-system --version v1.14.0 +helm install csi-driver-smb csi-driver-smb/csi-driver-smb --namespace kube-system --version v1.15.0 ``` ### install driver with customized driver name, deployment name diff --git a/charts/index.yaml b/charts/index.yaml index 18eab9068ce..5027f3881aa 100644 --- a/charts/index.yaml +++ b/charts/index.yaml @@ -1,27 +1,45 @@ apiVersion: v1 entries: csi-driver-smb: + - apiVersion: v1 + appVersion: v1.15.0 + created: "2024-07-18T06:59:59.116464753Z" + description: SMB CSI Driver for Kubernetes + digest: fcadda7e1af1bcfbfd42da9f4a02f6baaa96b0b48bafe7241dc4c5a588d9e4b4 + name: csi-driver-smb + urls: + - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/latest/csi-driver-smb-v1.15.0.tgz + version: v1.15.0 + - apiVersion: v1 + appVersion: v1.15.0 + created: "2024-07-18T06:59:59.126665562Z" + description: SMB CSI Driver for Kubernetes + digest: fcadda7e1af1bcfbfd42da9f4a02f6baaa96b0b48bafe7241dc4c5a588d9e4b4 + name: csi-driver-smb + urls: + - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.15.0/csi-driver-smb-v1.15.0.tgz + version: v1.15.0 - apiVersion: v1 appVersion: v1.14.0 - created: "2024-05-11T03:32:35.244954507Z" + created: "2024-07-18T06:59:59.12600989Z" description: SMB CSI Driver for Kubernetes - digest: 7a455b3ccc46bf96bdd151190c29875d44a63e138aae1b2283d7864ce169570f + digest: 5d63c8c4824b43ad35f498854be6d24a06e3d7c19a50c57dc5c6de26d7f39850 name: csi-driver-smb urls: - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.14.0/csi-driver-smb-v1.14.0.tgz version: v1.14.0 - apiVersion: v1 appVersion: v1.13.0 - created: "2024-05-11T03:32:35.244367266Z" + created: "2024-07-18T06:59:59.124750877Z" description: SMB CSI Driver for Kubernetes - digest: f0004d3c68899604b0b7ea8672d45163dd3117d0de5db58a202cf7c602dc0c4c + digest: 962ae1f26a13852e86256464e534228ae6118109aeb1e63abbee07ca18809cff name: csi-driver-smb urls: - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.13.0/csi-driver-smb-v1.13.0.tgz version: v1.13.0 - apiVersion: v1 appVersion: v1.12.0 - created: "2024-05-11T03:32:35.243790871Z" + created: "2024-07-18T06:59:59.12353098Z" description: SMB CSI Driver for Kubernetes digest: eb1f894fa5ad0c20da3b26a3ad4c20857914c8d76a098fd2185ff068d6118ddd name: csi-driver-smb @@ -30,7 +48,7 @@ entries: version: v1.12.0 - apiVersion: v1 appVersion: v1.11.0 - created: "2024-05-11T03:32:35.243215075Z" + created: "2024-07-18T06:59:59.122589727Z" description: SMB CSI Driver for Kubernetes digest: ab3cab9509579264ed95e49a0ad077019a52a45b4e6cc436de5b1f70c03699ed name: csi-driver-smb @@ -39,7 +57,7 @@ entries: version: v1.11.0 - apiVersion: v1 appVersion: v1.10.0 - created: "2024-05-11T03:32:35.242672163Z" + created: "2024-07-18T06:59:59.121823174Z" description: SMB CSI Driver for Kubernetes digest: 82e460e6fa80da9ca523a86c28e001e15595d27c3507864f2123dbadc64c7fec name: csi-driver-smb @@ -48,7 +66,7 @@ entries: version: v1.10.0 - apiVersion: v1 appVersion: v1.9.0 - created: "2024-05-11T03:32:35.251445708Z" + created: "2024-07-18T06:59:59.135360154Z" description: SMB CSI Driver for Kubernetes digest: 5c78c650b9755e508afecb3f6a554c549509023f7b0610b53853a41783d1c08f name: csi-driver-smb @@ -57,7 +75,7 @@ entries: version: v1.9.0 - apiVersion: v1 appVersion: v1.8.0 - created: "2024-05-11T03:32:35.250403579Z" + created: "2024-07-18T06:59:59.133499239Z" description: SMB CSI Driver for Kubernetes digest: d19d156c2143d753085bcbcb32506f8ebd7ebdee275e726f9c8d774a1f0b9f34 name: csi-driver-smb @@ -66,7 +84,7 @@ entries: version: v1.8.0 - apiVersion: v1 appVersion: v1.7.0 - created: "2024-05-11T03:32:35.249884331Z" + created: "2024-07-18T06:59:59.132497919Z" description: SMB CSI Driver for Kubernetes digest: 65594a1ff09d912a33ee0674bba1fad1f7c717638a281fb68bcfa2c98c288453 name: csi-driver-smb @@ -75,7 +93,7 @@ entries: version: v1.7.0 - apiVersion: v1 appVersion: v1.6.0 - created: "2024-05-11T03:32:35.249367485Z" + created: "2024-07-18T06:59:59.131558208Z" description: SMB CSI Driver for Kubernetes digest: 31dd4c8b0b0d4a61565631aa5b433b18b5375aeb24812bf4fa9958d5b7917485 name: csi-driver-smb @@ -84,7 +102,7 @@ entries: version: v1.6.0 - apiVersion: v1 appVersion: v1.5.0 - created: "2024-05-11T03:32:35.248819847Z" + created: "2024-07-18T06:59:59.130742188Z" description: SMB CSI Driver for Kubernetes digest: b7dc9e9dc5d46df12a6d1a5643efe86439bff6c36867968f772e6899692083d6 name: csi-driver-smb @@ -93,7 +111,7 @@ entries: version: v1.5.0 - apiVersion: v1 appVersion: v1.4.0 - created: "2024-05-11T03:32:35.248321885Z" + created: "2024-07-18T06:59:59.130135834Z" description: SMB CSI Driver for Kubernetes digest: 9b1a6166ab72c09d0eefb448ecc998639b9f6255afb00bfc0ae0a4fdad76f119 name: csi-driver-smb @@ -102,7 +120,7 @@ entries: version: v1.4.0 - apiVersion: v1 appVersion: v1.3.0 - created: "2024-05-11T03:32:35.247795898Z" + created: "2024-07-18T06:59:59.129292699Z" description: SMB CSI Driver for Kubernetes digest: d2236d36f1cb24139ddf87ea87229369ed856efc42330e656330f6cfa7635858 name: csi-driver-smb @@ -111,7 +129,7 @@ entries: version: v1.3.0 - apiVersion: v1 appVersion: v1.2.0 - created: "2024-05-11T03:32:35.247242587Z" + created: "2024-07-18T06:59:59.12745517Z" description: SMB CSI Driver for Kubernetes digest: 9d7099165db24d5412c95b298a59cca9b233ab8800d04efd34bb055812390915 name: csi-driver-smb @@ -120,7 +138,7 @@ entries: version: v1.2.0 - apiVersion: v1 appVersion: v1.1.0 - created: "2024-05-11T03:32:35.242140171Z" + created: "2024-07-18T06:59:59.120935991Z" description: SMB CSI Driver for Kubernetes digest: 5b39613c9104db06815ee2d42fec8507c3bb2038264513449079a4eb5b6530a8 name: csi-driver-smb @@ -129,7 +147,7 @@ entries: version: v1.1.0 - apiVersion: v1 appVersion: v1.0.0 - created: "2024-05-11T03:32:35.241661563Z" + created: "2024-07-18T06:59:59.120064404Z" description: SMB CSI Driver for Kubernetes digest: 3e4721dd007cc51750f7221be8f66ec7e287c83a8cdcfeb9a71c30f526b06dc4 name: csi-driver-smb @@ -138,7 +156,7 @@ entries: version: v1.0.0 - apiVersion: v1 appVersion: v0.6.0 - created: "2024-05-11T03:32:35.241377052Z" + created: "2024-07-18T06:59:59.119472272Z" description: SMB CSI Driver for Kubernetes digest: 6fc9d05bc78ca98fb17071b7f5ad05b4c071f2403114d72feae99fb89ca1fc9f name: csi-driver-smb @@ -147,7 +165,7 @@ entries: version: v0.6.0 - apiVersion: v1 appVersion: v0.5.0 - created: "2024-05-11T03:32:35.241095547Z" + created: "2024-07-18T06:59:59.118965554Z" description: SMB CSI Driver for Kubernetes digest: 8264c6630806325613234c2d7951c188d073607e6f0f89d781ec32afed04157b name: csi-driver-smb @@ -156,7 +174,7 @@ entries: version: v0.5.0 - apiVersion: v1 appVersion: v0.4.0 - created: "2024-05-11T03:32:35.240788375Z" + created: "2024-07-18T06:59:59.118405329Z" description: SMB CSI Driver for Kubernetes digest: fb6d581ba5d4d1d78ca468f6daa4a24c47bb147b74d005d3c394521b4e534a3e name: csi-driver-smb @@ -165,7 +183,7 @@ entries: version: v0.4.0 - apiVersion: v1 appVersion: v0.3.0 - created: "2024-05-11T03:32:35.24051303Z" + created: "2024-07-18T06:59:59.117892083Z" description: SMB CSI Driver for Kubernetes digest: ee9e58db6d4a95491e2012c6607126bbff827b9c439e90e9a9798d2a73b0cb22 name: csi-driver-smb @@ -174,7 +192,7 @@ entries: version: v0.3.0 - apiVersion: v1 appVersion: v0.2.0 - created: "2024-05-11T03:32:35.240251251Z" + created: "2024-07-18T06:59:59.117254087Z" description: SMB CSI Driver for Kubernetes digest: 8d8667106306d78dea9f63e5a3e8ee7ad2b60f86bd625f5968e37ca6a0cad317 name: csi-driver-smb @@ -183,20 +201,11 @@ entries: version: v0.2.0 - apiVersion: v1 appVersion: latest - created: "2024-05-11T03:32:35.250930033Z" + created: "2024-07-18T06:59:59.134451894Z" description: SMB CSI Driver for Kubernetes digest: 37a15bd85f6f9f2df20aed317d9baa3774128552488d02c2897d561e67777963 name: csi-driver-smb urls: - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.9.0/csi-driver-smb-v0.0.0.tgz version: v0.0.0 - - apiVersion: v1 - appVersion: latest - created: "2024-05-11T03:32:35.239948008Z" - description: SMB CSI Driver for Kubernetes - digest: 5391f1a7082e74c33d9009285967eb3390f1c9bdff24219db4be49364ee158a0 - name: csi-driver-smb - urls: - - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/latest/csi-driver-smb-v0.0.0.tgz - version: v0.0.0 -generated: "2024-05-11T03:32:35.239149886Z" +generated: "2024-07-18T06:59:59.115664324Z" diff --git a/charts/latest/csi-driver-smb-v0.0.0.tgz b/charts/latest/csi-driver-smb-v0.0.0.tgz deleted file mode 100644 index ca33ee289d5..00000000000 Binary files a/charts/latest/csi-driver-smb-v0.0.0.tgz and /dev/null differ diff --git a/charts/latest/csi-driver-smb-v1.15.0.tgz b/charts/latest/csi-driver-smb-v1.15.0.tgz new file mode 100644 index 00000000000..5e8e0875518 Binary files /dev/null and b/charts/latest/csi-driver-smb-v1.15.0.tgz differ diff --git a/charts/latest/csi-driver-smb/Chart.yaml b/charts/latest/csi-driver-smb/Chart.yaml index 947c56ec1df..cca2a32e79f 100755 --- a/charts/latest/csi-driver-smb/Chart.yaml +++ b/charts/latest/csi-driver-smb/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: latest +appVersion: v1.15.0 description: SMB CSI Driver for Kubernetes name: csi-driver-smb -version: v0.0.0 +version: v1.15.0 diff --git a/charts/latest/csi-driver-smb/values.yaml b/charts/latest/csi-driver-smb/values.yaml index a24e10200e8..ec54e15180f 100755 --- a/charts/latest/csi-driver-smb/values.yaml +++ b/charts/latest/csi-driver-smb/values.yaml @@ -1,8 +1,8 @@ image: baseRepo: registry.k8s.io/sig-storage smb: - repository: gcr.io/k8s-staging-sig-storage/smbplugin - tag: canary + repository: registry.k8s.io/sig-storage/smbplugin + tag: v1.15.0 pullPolicy: IfNotPresent csiProvisioner: repository: /csi-provisioner diff --git a/charts/v1.15.0/csi-driver-smb-v1.15.0.tgz b/charts/v1.15.0/csi-driver-smb-v1.15.0.tgz new file mode 100644 index 00000000000..5e8e0875518 Binary files /dev/null and b/charts/v1.15.0/csi-driver-smb-v1.15.0.tgz differ diff --git a/charts/v1.15.0/csi-driver-smb/Chart.yaml b/charts/v1.15.0/csi-driver-smb/Chart.yaml new file mode 100644 index 00000000000..cca2a32e79f --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: v1.15.0 +description: SMB CSI Driver for Kubernetes +name: csi-driver-smb +version: v1.15.0 diff --git a/charts/v1.15.0/csi-driver-smb/templates/NOTES.txt b/charts/v1.15.0/csi-driver-smb/templates/NOTES.txt new file mode 100644 index 00000000000..9d8ca4f2a0b --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/NOTES.txt @@ -0,0 +1,5 @@ +The CSI SMB Driver is getting deployed to your cluster. + +To check CSI SMB Driver pods status, please run: + + kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch diff --git a/charts/v1.15.0/csi-driver-smb/templates/_helpers.tpl b/charts/v1.15.0/csi-driver-smb/templates/_helpers.tpl new file mode 100644 index 00000000000..5394ab92ba2 --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/_helpers.tpl @@ -0,0 +1,29 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* Expand the name of the chart.*/}} +{{- define "smb.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* labels for helm resources */}} +{{- define "smb.labels" -}} +labels: + app.kubernetes.io/instance: "{{ .Release.Name }}" + app.kubernetes.io/managed-by: "{{ .Release.Service }}" + app.kubernetes.io/name: "{{ template "smb.name" . }}" + app.kubernetes.io/version: "{{ .Chart.AppVersion }}" + helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- if .Values.customLabels }} +{{ toYaml .Values.customLabels | indent 2 -}} + {{- end }} +{{- end -}} + +{{/* pull secrets for containers */}} +{{- define "smb.pullSecrets" -}} +{{- if .Values.imagePullSecrets }} +imagePullSecrets: +{{- range .Values.imagePullSecrets }} + - name: {{ . }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/v1.15.0/csi-driver-smb/templates/csi-proxy-windows.yaml b/charts/v1.15.0/csi-driver-smb/templates/csi-proxy-windows.yaml new file mode 100644 index 00000000000..bd2d1c7aa9f --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/csi-proxy-windows.yaml @@ -0,0 +1,48 @@ +{{- if .Values.windows.csiproxy.enabled}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .Values.windows.csiproxy.dsName }} + namespace: {{ .Release.Namespace }} +{{ include "smb.labels" . | indent 2 }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: {{ .Values.node.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + app: {{ .Values.windows.csiproxy.dsName }} + template: + metadata: +{{ include "smb.labels" . | indent 6 }} + app: {{ .Values.windows.csiproxy.dsName }} + spec: +{{- with .Values.windows.csiproxy.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: {{ .Values.windows.csiproxy.username | quote }} + hostNetwork: true + nodeSelector: +{{- with .Values.windows.csiproxy.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.node.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- include "smb.pullSecrets" . | indent 6 }} + containers: + - name: csi-proxy +{{- if hasPrefix "/" .Values.image.csiproxy.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}" +{{- else }} + image: "{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}" +{{- end }} + imagePullPolicy: {{ .Values.image.csiproxy.pullPolicy }} +{{- end -}} diff --git a/charts/v1.15.0/csi-driver-smb/templates/csi-smb-controller.yaml b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-controller.yaml new file mode 100644 index 00000000000..12561258c5f --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-controller.yaml @@ -0,0 +1,147 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: {{ .Values.controller.name }} + namespace: {{ .Release.Namespace }} +{{ include "smb.labels" . | indent 2 }} +spec: + strategy: + type: Recreate + replicas: {{ .Values.controller.replicas }} + selector: + matchLabels: + app: {{ .Values.controller.name }} + template: + metadata: +{{ include "smb.labels" . | indent 6 }} + app: {{ .Values.controller.name }} + {{- if .Values.podLabels }} +{{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} +{{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: +{{- with .Values.controller.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + hostNetwork: true + dnsPolicy: {{ .Values.controller.dnsPolicy }} + serviceAccountName: {{ .Values.serviceAccount.controller }} + nodeSelector: +{{- with .Values.controller.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + kubernetes.io/os: linux + {{- if .Values.controller.runOnMaster}} + node-role.kubernetes.io/master: "" + {{- end}} + {{- if .Values.controller.runOnControlPlane}} + node-role.kubernetes.io/control-plane: "" + {{- end}} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} +{{- with .Values.controller.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + {{- include "smb.pullSecrets" . | indent 6 }} + containers: + - name: csi-provisioner +{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" +{{- else }} + image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" +{{- end }} + args: + - "-v=2" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + - "--extra-create-metadata=true" + - "--feature-gates=HonorPVReclaimPolicy=false" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }} + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }} + securityContext: + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + - name: liveness-probe +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --http-endpoint=localhost:{{ .Values.controller.livenessProbe.healthPort }} + - --v=2 + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }} + securityContext: + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + - name: smb +{{- if hasPrefix "/" .Values.image.smb.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" +{{- else }} + image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" +{{- end }} + imagePullPolicy: {{ .Values.image.smb.pullPolicy }} + args: + - "--v={{ .Values.controller.logLevel }}" + - "--endpoint=$(CSI_ENDPOINT)" + - "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}" + - "--drivername={{ .Values.driver.name }}" + - "--working-mount-dir={{ .Values.controller.workingMountDir }}" + ports: + - containerPort: {{ .Values.controller.metricsPort }} + name: metrics + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + host: localhost + path: /healthz + port: {{ .Values.controller.livenessProbe.healthPort }} + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + securityContext: + privileged: true + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: {{ .Values.controller.workingMountDir }} + name: tmp-dir + resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }} + volumes: + - name: socket-dir + emptyDir: {} + - name: tmp-dir + emptyDir: {} diff --git a/charts/v1.15.0/csi-driver-smb/templates/csi-smb-driver.yaml b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-driver.yaml new file mode 100644 index 00000000000..16094379923 --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-driver.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: {{ .Values.driver.name }} +spec: + attachRequired: false + podInfoOnMount: true diff --git a/charts/v1.15.0/csi-driver-smb/templates/csi-smb-node-windows.yaml b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-node-windows.yaml new file mode 100644 index 00000000000..0a4e93b0675 --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-node-windows.yaml @@ -0,0 +1,183 @@ +{{- if .Values.windows.enabled}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .Values.windows.dsName }} + namespace: {{ .Release.Namespace }} +{{ include "smb.labels" . | indent 2 }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: {{ .Values.node.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + app: {{ .Values.windows.dsName }} + template: + metadata: +{{ include "smb.labels" . | indent 6 }} + app: {{ .Values.windows.dsName }} + spec: +{{- with .Values.windows.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + nodeSelector: + kubernetes.io/os: windows +{{- with .Values.node.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.node.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.serviceAccount.node }} + {{- include "smb.pullSecrets" . | indent 6 }} + containers: + - name: liveness-probe + volumeMounts: + - mountPath: C:\csi + name: plugin-dir +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - --csi-address=$(CSI_ENDPOINT) + - --probe-timeout=3s + - --health-port={{ .Values.node.livenessProbe.healthPort }} + - --v=2 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + resources: {{- toYaml .Values.windows.resources.livenessProbe | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: node-driver-registrar +{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- else }} + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- end }} + args: + - --v=2 + - --csi-address=$(CSI_ENDPOINT) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 60 + timeoutSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.windows.kubelet | replace "\\" "\\\\" }}\\plugins\\{{ .Values.driver.name }}\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }} + volumeMounts: + - name: plugin-dir + mountPath: C:\csi + - name: registration-dir + mountPath: C:\registration + resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: smb +{{- if hasPrefix "/" .Values.image.smb.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" +{{- else }} + image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" +{{- end }} + imagePullPolicy: {{ .Values.image.smb.pullPolicy }} + args: + - "--v={{ .Values.node.logLevel }}" + - "--drivername={{ .Values.driver.name }}" + - --endpoint=$(CSI_ENDPOINT) + - --nodeid=$(KUBE_NODE_NAME) + - "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}" + - "--remove-smb-mapping-during-unmount={{ .Values.windows.removeSMBMappingDuringUnmount }}" + ports: + - containerPort: {{ .Values.node.livenessProbe.healthPort }} + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - name: kubelet-dir + mountPath: {{ .Values.windows.kubelet }}\ + - name: plugin-dir + mountPath: C:\csi + - name: csi-proxy-fs-pipe-v1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-smb-pipe-v1 + mountPath: \\.\pipe\csi-proxy-smb-v1 + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-smb-pipe-v1beta1 + mountPath: \\.\pipe\csi-proxy-smb-v1beta1 + resources: {{- toYaml .Values.windows.resources.smb | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + volumes: + - name: csi-proxy-fs-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-smb-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-smb-v1 + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-smb-pipe-v1beta1 + hostPath: + path: \\.\pipe\csi-proxy-smb-v1beta1 + - name: registration-dir + hostPath: + path: {{ .Values.windows.kubelet }}\plugins_registry\ + type: Directory + - name: kubelet-dir + hostPath: + path: {{ .Values.windows.kubelet }}\ + type: Directory + - name: plugin-dir + hostPath: + path: {{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\ + type: DirectoryOrCreate +{{- end -}} diff --git a/charts/v1.15.0/csi-driver-smb/templates/csi-smb-node.yaml b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-node.yaml new file mode 100644 index 00000000000..086079f6104 --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/csi-smb-node.yaml @@ -0,0 +1,173 @@ +{{- if .Values.linux.enabled}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .Values.linux.dsName }} + namespace: {{ .Release.Namespace }} +{{ include "smb.labels" . | indent 2 }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: {{ .Values.node.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + app: {{ .Values.linux.dsName }} + template: + metadata: +{{ include "smb.labels" . | indent 6 }} + app: {{ .Values.linux.dsName }} + {{- if .Values.podLabels }} +{{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} +{{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: +{{- with .Values.node.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + hostNetwork: true + dnsPolicy: {{ .Values.linux.dnsPolicy }} + serviceAccountName: {{ .Values.serviceAccount.node }} + nodeSelector: + kubernetes.io/os: linux +{{- with .Values.node.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} +{{- with .Values.linux.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + {{- include "smb.pullSecrets" . | indent 6 }} + containers: + - name: liveness-probe + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --http-endpoint=localhost:{{ .Values.node.livenessProbe.healthPort }} + - --v=2 + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + resources: {{- toYaml .Values.linux.resources.livenessProbe | nindent 12 }} + securityContext: + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + - name: node-driver-registrar +{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- else }} + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- end }} + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=2 + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock + imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: {{- toYaml .Values.linux.resources.nodeDriverRegistrar | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: smb +{{- if hasPrefix "/" .Values.image.smb.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" +{{- else }} + image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" +{{- end }} + imagePullPolicy: {{ .Values.image.smb.pullPolicy }} + args: + - "--v={{ .Values.node.logLevel }}" + - "--drivername={{ .Values.driver.name }}" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}" + - "--krb5-prefix={{ .Values.linux.krb5Prefix }}" + livenessProbe: + failureThreshold: 5 + httpGet: + host: localhost + path: /healthz + port: {{ .Values.node.livenessProbe.healthPort }} + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + securityContext: + readOnlyRootFilesystem: true + privileged: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: {{ .Values.linux.kubelet }} + mountPropagation: Bidirectional + name: mountpoint-dir +{{- if ne .Values.linux.krb5CacheDirectory "" }} + - mountPath: {{ .Values.linux.kubelet }}/kerberos/ + mountPropagation: Bidirectional + name: krb5Cache-dir +{{- end }} + resources: {{- toYaml .Values.linux.resources.smb | nindent 12 }} + volumes: + - hostPath: + path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }} + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: {{ .Values.linux.kubelet }}/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: {{ .Values.linux.kubelet }}/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir +{{- if ne .Values.linux.krb5CacheDirectory "" }} + - hostPath: + path: {{ .Values.linux.krb5CacheDirectory }} + type: DirectoryOrCreate + name: krb5Cache-dir +{{- end }} +{{- end -}} diff --git a/charts/v1.15.0/csi-driver-smb/templates/rbac-csi-smb.yaml b/charts/v1.15.0/csi-driver-smb/templates/rbac-csi-smb.yaml new file mode 100644 index 00000000000..03561d1be18 --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/templates/rbac-csi-smb.yaml @@ -0,0 +1,65 @@ +{{- if .Values.serviceAccount.create -}} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +{{ include "smb.labels" . | indent 2 }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.node }} + namespace: {{ .Release.Namespace }} +{{ include "smb.labels" . | indent 2 }} +{{ end }} + +{{- if .Values.rbac.create -}} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Values.rbac.name }}-external-provisioner-role +{{ include "smb.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-csi-provisioner-binding +{{ include "smb.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Values.rbac.name }}-external-provisioner-role + apiGroup: rbac.authorization.k8s.io +{{ end }} diff --git a/charts/v1.15.0/csi-driver-smb/values.yaml b/charts/v1.15.0/csi-driver-smb/values.yaml new file mode 100644 index 00000000000..ec54e15180f --- /dev/null +++ b/charts/v1.15.0/csi-driver-smb/values.yaml @@ -0,0 +1,167 @@ +image: + baseRepo: registry.k8s.io/sig-storage + smb: + repository: registry.k8s.io/sig-storage/smbplugin + tag: v1.15.0 + pullPolicy: IfNotPresent + csiProvisioner: + repository: /csi-provisioner + tag: v5.0.1 + pullPolicy: IfNotPresent + livenessProbe: + repository: /livenessprobe + tag: v2.13.1 + pullPolicy: IfNotPresent + nodeDriverRegistrar: + repository: /csi-node-driver-registrar + tag: v2.11.1 + pullPolicy: IfNotPresent + csiproxy: + repository: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy + tag: v1.1.2 + pullPolicy: IfNotPresent + +serviceAccount: + create: true # When true, service accounts will be created for you. Set to false if you want to use your own. + controller: csi-smb-controller-sa + node: csi-smb-node-sa + +rbac: + create: true + name: smb + +driver: + name: smb.csi.k8s.io + +feature: + enableGetVolumeStats: true + +controller: + name: csi-smb-controller + replicas: 1 + dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst + metricsPort: 29644 + livenessProbe: + healthPort: 29642 + runOnMaster: false + runOnControlPlane: false + logLevel: 5 + workingMountDir: "/tmp" + resources: + csiProvisioner: + limits: + memory: 300Mi + requests: + cpu: 10m + memory: 20Mi + livenessProbe: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + smb: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + affinity: {} + nodeSelector: {} + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" + +node: + maxUnavailable: 1 + logLevel: 5 + livenessProbe: + healthPort: 29643 + affinity: {} + nodeSelector: {} + +linux: + enabled: true + dsName: csi-smb-node # daemonset name + dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst + kubelet: /var/lib/kubelet + krb5CacheDirectory: "" # directory for kerberos credential cache, empty string means default(/var/lib/kubelet/kerberos/) + krb5Prefix: "" # prefix for kerberos credential cache, empty string means default(krb5cc_) + tolerations: + - operator: "Exists" + resources: + livenessProbe: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + nodeDriverRegistrar: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + smb: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + +windows: + enabled: false # Unless you already had csi proxy installed, windows.csiproxy.enabled=true is required + dsName: csi-smb-node-win # daemonset name + kubelet: 'C:\var\lib\kubelet' + removeSMBMappingDuringUnmount: true + tolerations: + - key: "node.kubernetes.io/os" + operator: "Exists" + effect: "NoSchedule" + resources: + livenessProbe: + limits: + memory: 150Mi + requests: + cpu: 10m + memory: 40Mi + nodeDriverRegistrar: + limits: + memory: 150Mi + requests: + cpu: 10m + memory: 40Mi + smb: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 40Mi + csiproxy: + enabled: false # required if windows.enabled is true, but may be installed manually also + dsName: csi-proxy-win # daemonset name + tolerations: {} + affinity: {} + username: "NT AUTHORITY\\SYSTEM" + nodeSelector: + "kubernetes.io/os": windows + +customLabels: {} +## Collection of annotations to add to all the pods +podAnnotations: {} +## Collection of labels to add to all the pods +podLabels: {} +## Leverage a PriorityClass to ensure your pods survive resource shortages +## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +priorityClassName: system-cluster-critical +## Security context give the opportunity to run container as nonroot by setting a securityContext +## by example : +## securityContext: { runAsUser: 1001 } +securityContext: { seccompProfile: {type: RuntimeDefault} } diff --git a/deploy/csi-smb-controller.yaml b/deploy/csi-smb-controller.yaml index b4c762d7782..d1e6de01ec3 100644 --- a/deploy/csi-smb-controller.yaml +++ b/deploy/csi-smb-controller.yaml @@ -81,7 +81,7 @@ spec: drop: - ALL - name: smb - image: gcr.io/k8s-staging-sig-storage/smbplugin:canary + image: registry.k8s.io/sig-storage/smbplugin:v1.15.0 imagePullPolicy: IfNotPresent args: - "--v=5" diff --git a/deploy/csi-smb-node-windows.yaml b/deploy/csi-smb-node-windows.yaml index 1a37755e4d8..8efdd6abd95 100644 --- a/deploy/csi-smb-node-windows.yaml +++ b/deploy/csi-smb-node-windows.yaml @@ -93,7 +93,7 @@ spec: drop: - ALL - name: smb - image: gcr.io/k8s-staging-sig-storage/smbplugin:canary + image: registry.k8s.io/sig-storage/smbplugin:v1.15.0 imagePullPolicy: IfNotPresent args: - --v=5 diff --git a/deploy/csi-smb-node.yaml b/deploy/csi-smb-node.yaml index 5d6fde48788..4d1820e97bb 100644 --- a/deploy/csi-smb-node.yaml +++ b/deploy/csi-smb-node.yaml @@ -84,7 +84,7 @@ spec: drop: - ALL - name: smb - image: gcr.io/k8s-staging-sig-storage/smbplugin:canary + image: registry.k8s.io/sig-storage/smbplugin:v1.15.0 imagePullPolicy: IfNotPresent args: - "--v=5" diff --git a/deploy/v1.15.0/csi-smb-controller.yaml b/deploy/v1.15.0/csi-smb-controller.yaml new file mode 100644 index 00000000000..d1e6de01ec3 --- /dev/null +++ b/deploy/v1.15.0/csi-smb-controller.yaml @@ -0,0 +1,122 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-smb-controller + namespace: kube-system +spec: + replicas: 1 + selector: + matchLabels: + app: csi-smb-controller + template: + metadata: + labels: + app: csi-smb-controller + spec: + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst + serviceAccountName: csi-smb-controller-sa + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + securityContext: + seccompProfile: + type: RuntimeDefault + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" + containers: + - name: csi-provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + args: + - "-v=2" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--leader-election-namespace=kube-system" + - "--extra-create-metadata=true" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 1 + memory: 300Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: liveness-probe + image: registry.k8s.io/sig-storage/livenessprobe:v2.13.1 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --http-endpoint=localhost:29642 + - --v=2 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 1 + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: smb + image: registry.k8s.io/sig-storage/smbplugin:v1.15.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--metrics-address=0.0.0.0:29644" + ports: + - containerPort: 29644 + name: metrics + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + host: localhost + path: /healthz + port: 29642 + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + securityContext: + privileged: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: socket-dir + emptyDir: {} diff --git a/deploy/v1.15.0/csi-smb-driver.yaml b/deploy/v1.15.0/csi-smb-driver.yaml new file mode 100644 index 00000000000..6450d22b3e9 --- /dev/null +++ b/deploy/v1.15.0/csi-smb-driver.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: smb.csi.k8s.io +spec: + attachRequired: false + podInfoOnMount: true diff --git a/deploy/v1.15.0/csi-smb-node-windows.yaml b/deploy/v1.15.0/csi-smb-node-windows.yaml new file mode 100644 index 00000000000..8efdd6abd95 --- /dev/null +++ b/deploy/v1.15.0/csi-smb-node-windows.yaml @@ -0,0 +1,174 @@ +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-smb-node-win + namespace: kube-system +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: csi-smb-node-win + template: + metadata: + labels: + app: csi-smb-node-win + spec: + tolerations: + - key: "node.kubernetes.io/os" + operator: "Exists" + effect: "NoSchedule" + nodeSelector: + kubernetes.io/os: windows + priorityClassName: system-node-critical + securityContext: + seccompProfile: + type: RuntimeDefault + serviceAccountName: csi-smb-node-sa + containers: + - name: liveness-probe + volumeMounts: + - mountPath: C:\csi + name: plugin-dir + image: registry.k8s.io/sig-storage/livenessprobe:v2.13.1 + args: + - --csi-address=$(CSI_ENDPOINT) + - --probe-timeout=3s + - --health-port=29643 + - --v=2 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 40Mi + securityContext: + capabilities: + drop: + - ALL + - name: node-driver-registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1 + args: + - --v=2 + - --csi-address=$(CSI_ENDPOINT) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 60 + timeoutSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: DRIVER_REG_SOCK_PATH + value: C:\\var\\lib\\kubelet\\plugins\\smb.csi.k8s.io\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + volumeMounts: + - name: kubelet-dir + mountPath: "C:\\var\\lib\\kubelet" + - name: plugin-dir + mountPath: C:\csi + - name: registration-dir + mountPath: C:\registration + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 40Mi + securityContext: + capabilities: + drop: + - ALL + - name: smb + image: registry.k8s.io/sig-storage/smbplugin:v1.15.0 + imagePullPolicy: IfNotPresent + args: + - --v=5 + - --endpoint=$(CSI_ENDPOINT) + - --nodeid=$(KUBE_NODE_NAME) + - "--remove-smb-mapping-during-unmount=true" + ports: + - containerPort: 29643 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - name: kubelet-dir + mountPath: "C:\\var\\lib\\kubelet" + - name: plugin-dir + mountPath: C:\csi + - name: csi-proxy-fs-pipe-v1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-smb-pipe-v1 + mountPath: \\.\pipe\csi-proxy-smb-v1 + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-smb-pipe-v1beta1 + mountPath: \\.\pipe\csi-proxy-smb-v1beta1 + resources: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 40Mi + securityContext: + capabilities: + drop: + - ALL + volumes: + - name: csi-proxy-fs-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-smb-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-smb-v1 + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-smb-pipe-v1beta1 + hostPath: + path: \\.\pipe\csi-proxy-smb-v1beta1 + - name: registration-dir + hostPath: + path: C:\var\lib\kubelet\plugins_registry\ + type: Directory + - name: kubelet-dir + hostPath: + path: C:\var\lib\kubelet\ + type: Directory + - name: plugin-dir + hostPath: + path: C:\var\lib\kubelet\plugins\smb.csi.k8s.io\ + type: DirectoryOrCreate diff --git a/deploy/v1.15.0/csi-smb-node.yaml b/deploy/v1.15.0/csi-smb-node.yaml new file mode 100644 index 00000000000..4d1820e97bb --- /dev/null +++ b/deploy/v1.15.0/csi-smb-node.yaml @@ -0,0 +1,140 @@ +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-smb-node + namespace: kube-system +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: csi-smb-node + template: + metadata: + labels: + app: csi-smb-node + spec: + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst + serviceAccountName: csi-smb-node-sa + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-node-critical + securityContext: + seccompProfile: + type: RuntimeDefault + tolerations: + - operator: "Exists" + containers: + - name: liveness-probe + volumeMounts: + - mountPath: /csi + name: socket-dir + image: registry.k8s.io/sig-storage/livenessprobe:v2.13.1 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --http-endpoint=localhost:29643 + - --v=2 + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: node-driver-registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1 + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=2 + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: /var/lib/kubelet/plugins/smb.csi.k8s.io/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: smb + image: registry.k8s.io/sig-storage/smbplugin:v1.15.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + livenessProbe: + failureThreshold: 5 + httpGet: + host: localhost + path: /healthz + port: 29643 + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + securityContext: + privileged: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /var/lib/kubelet/ + mountPropagation: Bidirectional + name: mountpoint-dir + resources: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/smb.csi.k8s.io + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: /var/lib/kubelet/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir +--- diff --git a/deploy/v1.15.0/rbac-csi-smb.yaml b/deploy/v1.15.0/rbac-csi-smb.yaml new file mode 100644 index 00000000000..fc1f03ffa79 --- /dev/null +++ b/deploy/v1.15.0/rbac-csi-smb.yaml @@ -0,0 +1,56 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-smb-controller-sa + namespace: kube-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-smb-node-sa + namespace: kube-system +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: smb-external-provisioner-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: smb-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: csi-smb-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: smb-external-provisioner-role + apiGroup: rbac.authorization.k8s.io diff --git a/docs/install-csi-driver-v1.15.0.md b/docs/install-csi-driver-v1.15.0.md new file mode 100644 index 00000000000..5ebbe2b5d2c --- /dev/null +++ b/docs/install-csi-driver-v1.15.0.md @@ -0,0 +1,45 @@ +## Install SMB CSI driver v1.15.0 version on a Kubernetes cluster +If you have already installed Helm, you can also use it to install this driver. Please check [Installation with Helm](../charts/README.md). + +### Install by kubectl + - Option#1. remote install +```console +curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/v1.15.0/deploy/install-driver.sh | bash -s v1.15.0 -- +``` + + - Option#2. local install +```console +git clone https://github.com/kubernetes-csi/csi-driver-smb.git +cd csi-driver-smb +git checkout v1.15.0 +./deploy/install-driver.sh v1.15.0 local +``` + + - check pods status: +```console +kubectl -n kube-system get pod -o wide --watch -l app=csi-smb-controller +kubectl -n kube-system get pod -o wide --watch -l app=csi-smb-node +``` + +example output: + +``` +NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES +csi-smb-controller-788486959d-5qmn7 3/3 Running 0 23s 10.244.0.45 aks-agentpool-60632172-vmss000006 +csi-smb-node-4gwzl 3/3 Running 0 15s 10.244.1.34 aks-agentpool-60632172-vmss000007 +csi-smb-node-hg76w 3/3 Running 0 27s 10.244.0.44 aks-agentpool-60632172-vmss000006 +``` + +### clean up SMB CSI driver + - Option#1. remote uninstall +```console +curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/v1.15.0/deploy/uninstall-driver.sh | bash -s -- +``` + + - Option#2. local uninstall +```console +git clone https://github.com/kubernetes-csi/csi-driver-smb.git +cd csi-driver-smb +git checkout v1.15.0 +./deploy/uninstall-driver.sh v1.15.0 local +``` diff --git a/docs/install-smb-csi-driver.md b/docs/install-smb-csi-driver.md index 68da2f506de..e05aafc2823 100644 --- a/docs/install-smb-csi-driver.md +++ b/docs/install-smb-csi-driver.md @@ -1,5 +1,6 @@ ## Install SMB CSI driver on a Kubernetes cluster - [install CSI driver master version](./install-csi-driver-master.md)(only for testing purpose) + - [install CSI driver v1.15.0 version](./install-csi-driver-v1.15.0.md) - [install CSI driver v1.14.0 version](./install-csi-driver-v1.14.0.md) - [install CSI driver v1.13.0 version](./install-csi-driver-v1.13.0.md)